Chapter 8 Recovery and Post-Incident Response

THE COMPTIA CYBERSECURITY ANALYST+ EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE:

  • Domain 3: Cyber Incident Response
    • ✓ 3.5 Summarize the incident recovery and post-incident response process.

Chapter 5, “Building an Incident Response Program,” provided an overview of the steps required to build and implement a cybersecurity incident response program according to the process advocated by the National Institute of Standards and Technology (NIST). In their Computer Security Incident Handling Guide, NIST outlines the four-phase incident response process shown in Figure 8.1.

Figure 8.1 Incident ...

Get CompTIA Cybersecurity Analyst (CSA+) Study Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.